package org.example.service;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;

import javax.servlet.http.HttpServletRequest;
import javax.xml.ws.ServiceMode;
import java.util.Collection;

/**
 * @Auther: GongXl
 * @Date: 2021/3/10 10:37
 * @Description:验证有权限的内容放回true通过放行
 */
@Service
public class MyServiceImpl implements MyService{
    @Override
    public boolean hasPermission(HttpServletRequest req, Authentication authentication) {
        String requestURI = req.getRequestURI();
        Object principal = authentication.getPrincipal();
        if(principal instanceof UserDetails){
            UserDetails principals = (UserDetails)principal;
            Collection<? extends GrantedAuthority> authorities = principals.getAuthorities();
            return authorities.contains(new SimpleGrantedAuthority(requestURI));
        }
        return false;
    }
}